To meet the future, law enforcement needs to become educated on cryptocurrencies, the dark web and encryption methods. They need to understand the telltale signs of cryptocurrency activity, such as cryptocurrency wallet icons on a phone or computer, visits to a cryptocurrency kiosk or a transaction between a person of interest and cryptocurrency exchanges. Signs of encrypted communication, such as email or apps such as WhatsApp or Telegram, can also be helpful in turning a person of interest into a suspect.

What is cryptocurrency?

Unlike “real” money issued by a government (also called fiat money), cryptocurrency is a digital asset that can record transactions between two parties efficiently and in a verifiable, anonymous and permanent way. Most cryptocurrencies (also called “digital tokens”) are based upon an open, distributed technology called blockchain, which can be used for many other applications. Bitcoin is the most familiar of these digital currencies, but there are hundreds of others.

What does this mean in English? While everyone, including an uninvolved party, can verify that a cryptocurrency transaction took place, no one can link the sender and receiver to a human being since the blockchain, or ledger, only records the transaction information and not personally identifiable information. This allows an anonymous exchange of value.

Until the advent of cryptocurrency, banks have served the trusted role of intermediary between two parties in a financial transaction—vouching for who the parties are and that the money is valid. Blockchain and cryptocurrency transactions are sometimes referred to as “trustless” transactions because there is no single human intermediary that needs to be trusted – instead that “trust” is assigned to the blockchain. Because the system is “distributed” and “de-centralized,” there is no central ledger or single computer system that can be shut down to kill it.

Why should a law enforcement officer learn about cryptocurrency?

Law enforcement needs to know something about cryptocurrency because it has become the payment of choice for many criminal activities. While cryptocurrency has plenty of legitimate uses, it has been identified as a payment method in transactions involving illegal drugs, firearms, explosives, human trafficking, child sex and child pornography. Although cryptocurrency is a global phenomenon, it has real local impacts. If you are in an area that has seen a spike in opioid deaths recently, you have a cryptocurrency problem as well. A couple of notable cases are Peter the Great and Aaron Shamo. Both of these involved cryptocurrencies as the means of payment for massive amounts of fake opioid pills that were actually fentanyl tablets. But narcotics are just one instance of illicit cryptocurrency use.

Another concern for law enforcement and the financial sector is the peer-to-peer cryptocurrency trader. This person advertises themselves as a person willing to exchange real currency for cryptocurrency or vice versa outside the traditional financial system, which requires real names and reporting of activities. This person is of particular importance since the dark web vendor needs a place to cash in cryptocurrency – and the peer-to-peer exchanger is the “fence.”

If there is money to be made, the criminal element will be the first to exploit new technology. This was true of cryptocurrencies, and law enforcement is just now catching up and beginning to assign real identities to cryptocurrency transactions. Today, law enforcement can use software to track and trace bitcoin transactions and give them the leads they need to follow the money trail. The peer-to-peer exchanger most often is acting as a money launderer for dark web activities.

Why is the use of cryptocurrency increasing?

In theory, a buyer and seller can anonymously exchange goods for money by using a dead drop, but either party to the transaction could lie in wait for the other. Law enforcement might also be able to determine the location of a dead drop and arrest both participants. Even funds transfers into anonymous bank accounts aren’t as safe as they used to be due to the money laundering laws implemented in most countries. Therefore, dark market vendors are moving to cryptocurrency as a means of payment for all types of illicit goods.

How do people become anonymous? What are some of the tips and tricks that cops should look for that will tip us off to take a deeper look?

People become anonymous by using software to connect through multiple computers so that no one knows where they are actually sitting, operating on the dark web (see below), using encrypted communications and by conducting transactions via cryptocurrency. They further their anonymous activities by seeking out and using peer-to-peer cryptocurrency exchanges to transfer from fiat money to cryptocurrency and back again.

What is the dark web?

The “dark web” refers to a portion of the Internet where everyday browsers do not search. Rather, it is generally accessible via special networks and browsers such as The Onion Router (TOR), Tails or I2P. Think of the internet as a smartphone map where you enter the name of a place (like Amazon.com) to be taken there. The dark web is made up of sites that cannot be reached by name, and if you don’t know the exact address, you cannot get there; in fact, many dark web sites cannot be reached unless you go through other hidden locations first.

Once you are on the dark web, you could have accessed sites such as Alphabay, Silk Road 1 and 2 and Valhalla Market, which offered a whole new world of illicit commodities until they were shut down by law enforcement.

It is important to understand that sites on the dark web can be shut down only if law enforcement determines that they exist and where they are located. But like any criminal enterprise, new suppliers pop up to take the place of any that go dark. It is a game of cat and mouse using some of the most advanced technology on the planet. But there are ways to find ghosts lurking on the dark web.

If someone is really careful, how do you link a cryptocurrency ghost to a human being?

Modern DNA technology is being used to help solve cold cases even where there didn’t appear to be any evidence at the time. What appears to be anonymous at first glance might not really be anonymous at all. Blockchain Intelligence Group has created a suite of solutions to trace bitcoin transactions, giving law enforcement the tools they need to follow the money trail. The QLUE (Quantitative Law Enforcement Unified Edge) solution makes it possible to track bitcoin from its origination to its destination in a visual way.

Investigators can trace transactions to cryptocurrency exchange locations or other “choke points” that require the user to sign up using their true identification. From this point, the law enforcement officer can get a warrant to force the exchange to divulge the real identity of the account owner.
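The tracing step described above, sketched as an added illustration that is not from the article or from any vendor's software: a breadth-first walk over a transfer list that follows funds from a starting address until they land at an address attributed to an exchange. All addresses, amounts and the attribution list are constructed for the example, and each transfer is simplified to one sender and one receiver (real bitcoin transactions can have many inputs and outputs).

```python
from collections import deque

# Constructed sample ledger: (txid, sender address, receiver address, amount in BTC).
TRANSFERS = [
    ("tx1", "addr_vendor", "addr_hop1", 2.0),
    ("tx2", "addr_hop1", "addr_hop2", 1.2),
    ("tx3", "addr_hop1", "addr_hop3", 0.8),
    ("tx4", "addr_hop2", "addr_exchange_A", 1.2),
    ("tx5", "addr_hop3", "addr_hop4", 0.8),
    ("tx6", "addr_hop4", "addr_exchange_B", 0.5),
    ("tx7", "addr_hop4", "addr_hop1", 0.3),          # funds cycled back to an earlier hop
    ("tx8", "addr_other", "addr_exchange_A", 9.0),   # unrelated deposit, must not be reported
]

# Constructed attribution list: deposit addresses assumed to belong to
# exchanges that verify customer identity (the article's "choke points").
KNOWN_EXCHANGES = {"addr_exchange_A": "Exchange A", "addr_exchange_B": "Exchange B"}


def trace_to_choke_points(start, transfers, exchanges, max_hops=10):
    """Follow outgoing transfers from `start`, breadth-first.

    Returns one (exchange name, deposit address, [txids on the path]) tuple
    for every deposit into an attributed exchange address that is reachable
    within `max_hops` transfers.
    """
    outgoing = {}
    for txid, src, dst, _amount in transfers:
        outgoing.setdefault(src, []).append((txid, dst))

    hits = []
    seen = {start}                      # visited addresses, so cycles terminate
    queue = deque([(start, [])])
    while queue:
        addr, path = queue.popleft()
        if len(path) >= max_hops:       # bound the search depth
            continue
        for txid, dst in outgoing.get(addr, []):
            new_path = path + [txid]
            if dst in exchanges:
                # Stop at the exchange: what happens inside it is not on the
                # ledger, and this is where a records request would be aimed.
                hits.append((exchanges[dst], dst, new_path))
            elif dst not in seen:
                seen.add(dst)
                queue.append((dst, new_path))
    return hits
```

The returned path of transaction IDs is what ties the starting address to a specific exchange deposit; the identity behind that deposit still has to come from the exchange's own records.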

As more regulation comes into the cryptocurrency space, these “virtual-to-real” locations will become more difficult for the cryptocurrency user to avoid, making it easier for law enforcement to de-anonymize cryptocurrency users. Some uses of cryptocurrency are perfectly legal, even if morally questionable, and these legitimate users of cryptocurrency have little to fear. However, for bad actors using cryptocurrency, Blockchain Intelligence Group is the new sheriff in town.

How can law enforcement use big data to track crime?

While it may be impossible to use a single clue to solve a crime, a handful of clues might help you nail your suspects. For example, you have one suspect that you are pretty sure of, but you think he had an accomplice. You know that he went to one of the same three restaurants every week for two months; witnesses can pick him out, but no one else.

Now, you pull the location data from your second suspect’s phone and it shows that she was in each of those same restaurants at the same time as your suspect. Now you have a suspicious pattern that needs to be looked at.

In a similar way, by looking at the cryptocurrency choke points and the communications involved, law enforcement can be pointed in the right direction to grab the information they need. This information could include device fingerprints to tie persons together, information on who’s accessed whose account, public encryption keys, identifying cryptocurrency wallets and linking transactions between the actors. All of these put together can lead not just to one bad actor, but can go a long way toward identifying an entire organization.

Today's technology is truly amazing, but in the end it’s still just a tool that helps law enforcement sort through a huge haystack of seemingly random information to detect patterns. Once patterns are found, tracing software can help law enforcement make sense of what the pattern means and, using their investigative know-how, bring criminals to justice. In one notable case called the Sheep Marketplace theft, it took the investigator several weeks to trace the bitcoin transactions by hand. Tracing the transactions today using QLUE software would take a matter of minutes, not weeks.

The growing prevalence of cryptocurrency as the value exchange mechanism of choice for criminals means the time is right for exploring how powerful software that traces cryptocurrency transactions to the source can free your officers for more important activities – like making the bust and saving lives.

About the Author

Ron LaPedis has been a business continuity and security professional for over 25 years and frequently writes and speaks on business continuity, cybersecurity, physical security and public safety topics. He is a Patron of the NRA, NRA-certified Range Safety Officer (RSO), NRA and California DOJ Certified Instructor, member of the International Law Enforcement Educators and Trainers Association (ILEETA), and serves on the boards of public safety, military and law-enforcement related organizations.

Ron is a Master Business Continuity Professional, an Associate Fellow of the Business Continuity Institute, a Distinguished Fellow of the Ponemon Institute, a Certified Information Systems Security Professional and is licensed to carry a firearm in his home state of California and beyond.
